JavaScript is required to for searching.
  »  ...Oracle® ZFS Storage Appliance ...  »  Directory Services  »  Identity Mapping
Skip Navigation Links
Exit Print View
Oracle® ZFS Storage Appliance Security Guide
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Oracle ZFS Storage Appliance Security Overview

Initial installation

Physical Security

Administrative Model

ZFSSA Users

Access Control Lists (ACL)

Storage Area Network (SAN)

Data Services

Directory Services

Network Information Service (NIS)

Lightweight Directory Access Protocol (LDAP)

Identity Mapping

IDMU

Directory-based Mapping

Name-based Mapping

Ephemeral Mapping

System Settings

Remote Administrative Access

Logs

More Information

Documentation Mapping

Identity Mapping

Clients can access file resources on the ZFSSA using SMB or NFS and each has a unique user identifier. SMB/Windows users have Security Descriptors (SIDs) and UNIX/Linux users have User IDs (UIDs). Users can also be members of groups that are identified by Group SIDs (for Windows users) or Group IDs (GID) for UNIX/Linux users.

In environments where file resources are accessed using both protocols it is often desirable to establish identity equivalences where for example, a UNIX user is equivalent to an Active Directory user. This is important for determining access rights to file resources on the ZFSSA.

There are different types of identity mapping that involve Directory Services such as Active Directory, LDAP, and NIS. Care should be taken to follow the security best practices for the directory service being used.

Copyright © 2013, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next